diff --git a/app/Livewire/ActivityMonitor.php b/app/Livewire/ActivityMonitor.php index bc310e715..370ff1eaa 100644 --- a/app/Livewire/ActivityMonitor.php +++ b/app/Livewire/ActivityMonitor.php @@ -79,8 +79,10 @@ public function polling() $causer_id = data_get($this->activity, 'causer_id'); $user = User::find($causer_id); if ($user) { - $teamId = $user->currentTeam()->id; - if (! self::$eventDispatched) { + $teamId = data_get($this->activity, 'properties.team_id') + ?? $user->currentTeam()?->id + ?? $user->teams->first()?->id; + if ($teamId && ! self::$eventDispatched) { if (filled($this->eventData)) { $this->eventToDispatch::dispatch($teamId, $this->eventData); } else { diff --git a/app/Livewire/Team/InviteLink.php b/app/Livewire/Team/InviteLink.php index 45af53950..ee6d535e9 100644 --- a/app/Livewire/Team/InviteLink.php +++ b/app/Livewire/Team/InviteLink.php @@ -48,7 +48,7 @@ private function generateInviteLink(bool $sendEmail = false) // Prevent privilege escalation: users cannot invite someone with higher privileges $userRole = auth()->user()->role(); - if ($userRole === 'member' && in_array($this->role, ['admin', 'owner'])) { + if (is_null($userRole) || ($userRole === 'member' && in_array($this->role, ['admin', 'owner']))) { throw new \Exception('Members cannot invite admins or owners.'); } if ($userRole === 'admin' && $this->role === 'owner') { diff --git a/app/Models/User.php b/app/Models/User.php index 0b0666c1a..d64835c42 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -311,30 +311,41 @@ public function isInstanceAdmin() return $found_root_team->count() > 0; } - public function currentTeam() + public function currentTeam(): ?Team { - return Cache::remember('team:'.$this->id, 3600, function () { - if (is_null(data_get(session('currentTeam'), 'id')) && $this->teams->count() > 0) { - return $this->teams[0]; - } + $sessionTeamId = data_get(session('currentTeam'), 'id'); - return Team::find(session('currentTeam')->id); + if (is_null($sessionTeamId)) { + return null; + } + + return Cache::remember('team:'.$this->id, 3600, function () use ($sessionTeamId) { + return Team::find($sessionTeamId); }); } - public function otherTeams() - { - return $this->teams->filter(function ($team) { - return $team->id != currentTeam()->id; - }); - } - - public function role() + public function role(): ?string { if (data_get($this, 'pivot')) { return $this->pivot->role; } - $team = $this->teams->where('id', currentTeam()->id)->first(); + + $current = $this->currentTeam(); + if (is_null($current)) { + return null; + } + + $team = $this->teams->where('id', $current->id)->first(); + + return data_get($team, 'pivot.role'); + } + + /** + * Get the user's role in a specific team + */ + public function roleInTeam(int $teamId): ?string + { + $team = $this->teams->where('id', $teamId)->first(); return data_get($team, 'pivot.role'); } @@ -416,9 +427,10 @@ public function confirmEmailChange(string $code): bool ]); // For cloud users, dispatch job to update Stripe customer email asynchronously - if (isCloud() && $this->currentTeam()->subscription) { + $currentTeam = $this->currentTeam(); + if (isCloud() && $currentTeam?->subscription) { dispatch(new \App\Jobs\UpdateStripeCustomerEmailJob( - $this->currentTeam(), + $currentTeam, $this->id, $newEmail, $oldEmail